SCIM 1.1

Owned by Francesco Chicchiriccò
Last updated: Mar 23, 2023
2 min read

Deprecation

The SCIM 1.1 connector was deprecated in favor of the new SCIM connector, which supports both SCIM 1.1 and 2.0 specifications.

Overview

The SCIM 1.1 connector is designed to manage provisioning through the SCIM 1.1 specification.

Installation

Follow these steps to run the stand-alone connector server:

  1. Download the connector server jar file and store it in the connector server directory (any directory).
  2. Download the REST connector jar file and store it in the bundles subdirectory.
  3. Start the connector server. For more information, check the page about this topic.

Supported operations

  • Create
  • Delete
  • Update
  • Search
  • Test
  • Schema

Configuration

Configuration Properties

The following table describes all of the properties that you can specify for the configuration:

Configuration PropertyTypeRequiredDescription
baseAddress
StringXBase address of the SCIM REST service.
E.g. https://mydomain.com/api/scim/v1/
username
String
Username for authentication to the target RESTful service
password
GuardedString
Password for authentication to the target RESTful service
accept
StringXValue for the HTTP Accept header; defaults to application/json
contentType
StringXValue for the HTTP Content-Type header; defaults to application/json
clientId
String
Client id for authentication to the target RESTful service
clientSecret
String
Client secret for authentication to the target RESTful service
accessTokenNodeId
String
Field id of the JSON object node, returned from target Access Token RESTful service, that contains token value; defaults to access_token
accessTokenBaseAddress
String
Base address of the target RESTful service used to obtain access token
accessTokenContentType
String
Value for the HTTP Content-Type header for the target Access Token RESTful service; defaults to application/x-www-form-urlencoded
customAttributesJSON
String
SCIM Resource Schema representation in JSON format, used to specify custom attributes. See here as reference
updateMethod
String
Method used for updates (PATCH or PUT); defaults to PATCH

A sample value for customAttributesJSON parameter that includes some custom attributes you want the Connector to handle:

{
  "id": "urn:scim:schemas:core:1.0:User",
  "name": "User",
  "description": "Core User",
  "schema": "urn:scim:schemas:core:1.0",
  "endpoint": "/Users",
  "attributes": [
    {
      "name": "myCustomName",
      "type": "string",
      "multiValued": false,
      "description": "",
      "schema": "urn:scim:schemas:core:1.0",
      "readOnly": false,
      "required": false,
      "caseExact": false
    }
  ]
}

The important parts are:

  • attributes;
  • all the name and schema property of each attribute.

Indeed, the resulting schema representation will use the same name convention used for other complex attributes, e.g.:

  • name.familyName
  • addresses.other.formatted
  • emails.work.primary
  • phoneNumbers.work.value

so in this case it will be:

  • urn:scim:schemas:core:1.0.myCustomName

Testing

You'll need to create the file ./src/test/resources/net/tirasa/connid/bundles/scimv11/auth.properties, with the following structure:

auth.baseAddress=
auth.username=
auth.password=
auth.contentType=
auth.accept=

auth.clientSecret=
auth.clientId=
auth.accessTokenNodeId=
auth.accessTokenBaseAddress=
auth.accessTokenContentType=

auth.defaultEntitlement=

# in case you have some custom attribute
auth.customAttributes=

In case you want to include some test for your custom attribute, add the following other properties:

auth.customAttributesKeys=
auth.customAttributesValues=
auth.customAttributesUpdateValues=
# other schemas you want to add and retrieve to and from entities
auth.otherSchemas=

E.g.

auth.baseAddress=https://test.com/path/api/scim/v1/
auth.username=test
auth.password=password01
auth.contentType=application/json
auth.accept=application/json

auth.clientSecret=
auth.clientId=
auth.accessTokenNodeId=
auth.accessTokenBaseAddress=
auth.accessTokenContentType=

auth.defaultEntitlement=

# in case you have some custom attribute
auth.customAttributes={"id":"urn:scim:schemas:core:1.0:User","name":"User","description":"Core User","schema":"urn:scim:schemas:core:1.0","endpoint":"/Users","attributes":[{"name":"myCustomName","type":"string","multiValued":false,"description":"","schema":"urn:scim:schemas:core:1.0","readOnly":false,"required":false,"caseExact":false}]}

auth.customAttributesKeys=urn:scim:schemas:core:1.0.myCustomName
auth.customAttributesValues=Frank
auth.customAttributesUpdateValues=Francis
# other schemas you want to add and retrieve to and from entities
auth.otherSchemas=urn:scim:schemas:extension:attributemetadata:1.0

Use the following command to run connector tests:

mvn -Pit